Update version.c

Basic steps how to apply updates

README.md

@@ -61,9 +61,11 @@ git checkout ${VERSION_TO_BUILD}
 git submodule update --init --recursive
 ```
 
-## Installing the toolchain
+## Installing the toolchain and applying updates
 
-In order to compile ARM code, you need the ARM compiler and other things like bundling bootloader and firmware require the `solo-python` python package. Check our [documentation](https://docs.solokeys.io/solo/) for details
+In order to compile ARM code, you need the ARM compiler and other things like bundling bootloader and firmware require the [solo-python](https://github.com/solokeys/solo-python) python package. Check our [documentation](https://docs.solokeys.io/solo/) for details.
+
+You can update your solokey after running `pip3 install solo-python` with `solo key update` for the latest version. To apply a custom image use `solo program bootloader <file>(.json|.hex)`.
 
 ## Installing the toolkit and compiling in Docker 
 Alternatively, you can use Docker to create a container with the toolchain.

STABLE_VERSION

@@ -1 +1 @@
-3.1.0
+3.1.2

docs/solo/building.md

@@ -104,9 +104,24 @@ solo mergehex bootloader.hex solo.hex bundle.hex
 
 `bundle.hex` is our complete firmware build.  Note it is in this step that you can
 include a custom attestation certificate or lock the device from debugging/DFU.
-By default the "hacker" attestation certifcate and key is used.
+By default the "hacker" attestation certifcate and key is used.  Use the `--lock` flag
+to make this permanent.
 
 ```
+solo mergehex  \
+    --attestation-key "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" \
+    --attestation-cert attestation.der \
+    solo.hex \
+    bootloader.hex \
+    bundle.hex
+```
+
+**Warning**: If you use `--lock`, this will permanently lock the device to this new bootloader.  You
+won't be able to program the bootloader again or be able to connect a hardware debugger.
+The new bootloader may be able to accept (signed) updates still, depending on how you configured it.
+
+```
+# Permanent!
 solo mergehex  \
     --attestation-key "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" \
     --attestation-cert attestation.der \
@@ -118,9 +133,5 @@ solo mergehex  \
 
 See [here for more information on custom attestation](/solo/customization/).
 
-If you use `--lock`, this will permanently lock the device to this new bootloader.  You
-won't be able to program the bootloader again or be able to connect a hardware debugger.
-The new bootloader may be able to accept (signed) updates still, depending on how you configured it.
-
 To learn more about normal updates or a "full" update, you should [read more on Solo's boot stages](/solo/bootloader-mode).
 

docs/solo/customization.md

@@ -74,7 +74,7 @@ Note you must use a prime256v1 curve for this step, and you must leave the unit/
 country=US
 state=Maine
 organization=OpenSourceSecurity
-unit="Authenticator Attestation"
+unit="Authenticator Attestation"    # MUST KEEP THIS AS "Authenticator Attestation" for FIDO2.
 CN=example.com
 email=example@example.com
 
@@ -134,6 +134,8 @@ solo mergehex  \
     bundle.hex
 ```
 
+**Warning**: Using the `--lock` flag prevents the DFU from being accessed on the device again.  It's recommended to try first without the `--lock` flag to make sure it works.
+
 Now you have a newly created `bundle.hex` file with a custom attestation key and cert.  You can [program this `bundle.hex` file
 with Solo in DFU mode](/solo/programming#procedure).
 

fido2/ctap_parse.c

@@ -666,8 +666,8 @@ uint8_t ctap_parse_extensions(CborValue * val, CTAP_extensions * ext)
         if (ret == CborErrorOutOfMemory)
         {
             printf2(TAG_ERR,"Error, rp map key is too large. Ignoring.\n");
-            cbor_value_advance(&map);
-            cbor_value_advance(&map);
+            check_ret( cbor_value_advance(&map) );
+            check_ret( cbor_value_advance(&map) );
             continue;
         }
         check_ret(ret);
@@ -1353,11 +1353,21 @@ uint8_t ctap_parse_client_pin(CTAP_clientPin * CP, uint8_t * request, int length
                 break;
             case CP_getKeyAgreement:
                 printf1(TAG_CP,"CP_getKeyAgreement\n");
+                if (cbor_value_get_type(&map) != CborBooleanType)
+                {
+                    printf2(TAG_ERR,"Error, expecting cbor boolean\n");
+                    return CTAP2_ERR_INVALID_CBOR_TYPE;
+                }
                 ret = cbor_value_get_boolean(&map, &CP->getKeyAgreement);
                 check_ret(ret);
                 break;
             case CP_getRetries:
                 printf1(TAG_CP,"CP_getRetries\n");
+                if (cbor_value_get_type(&map) != CborBooleanType)
+                {
+                    printf2(TAG_ERR,"Error, expecting cbor boolean\n");
+                    return CTAP2_ERR_INVALID_CBOR_TYPE;
+                }
                 ret = cbor_value_get_boolean(&map, &CP->getRetries);
                 check_ret(ret);
                 break;

fido2/ctaphid.c

@@ -779,30 +779,37 @@ uint8_t ctaphid_custom_command(int len, CTAP_RESPONSE * ctap_resp, CTAPHID_WRITE
         case CTAPHID_LOADKEY:
             /**
              * Load external key.  Useful for enabling backups.
-             * bytes:            4                   96
-             * payload: | counter_increase (BE) | master_key |
+             * bytes:                   4                     4                      96
+             * payload:  version [maj rev patch RFU]| counter_replacement (BE) | master_key |
              * 
              * Counter should be increased by a large amount, e.g. (0x10000000)
              * to outdo any previously lost/broken keys.
             */
             printf1(TAG_HID,"CTAPHID_LOADKEY\n");
-            if (len != 100)
+            if (len != 104)
             {
                 printf2(TAG_ERR,"Error, invalid length.\n");
                 ctaphid_send_error(wb->cid, CTAP1_ERR_INVALID_LENGTH);
                 return 1;
             }
+            param = ctap_buffer[0] << 16;
+            param |= ctap_buffer[1] << 8;
+            param |= ctap_buffer[2] << 0;
+            if (param != 0){
+                ctaphid_send_error(wb->cid, CTAP2_ERR_UNSUPPORTED_OPTION);
+                return 1;
+            }
 
             // Ask for THREE button presses
             if (ctap_user_presence_test(8000) > 0)
-                if (ctap_user_presence_test(8000) > 0)
-                    if (ctap_user_presence_test(8000) > 0)
+                if (ctap_user_presence_test(2000) > 0)
+                    if (ctap_user_presence_test(2000) > 0)
                     {
-                        ctap_load_external_keys(ctap_buffer + 4);
-                        param = ctap_buffer[3];
-                        param |= ctap_buffer[2] << 8;
-                        param |= ctap_buffer[1] << 16;
-                        param |= ctap_buffer[0] << 24;
+                        ctap_load_external_keys(ctap_buffer + 8);
+                        param = ctap_buffer[7];
+                        param |= ctap_buffer[6] << 8;
+                        param |= ctap_buffer[5] << 16;
+                        param |= ctap_buffer[4] << 24;
                         ctap_atomic_count(param);
 
                         wb->bcnt = 0;

fido2/version.c

@@ -1,12 +1,17 @@
 #include "version.h"
+#include "app.h"
 
+const version_t firmware_version 
+#ifdef SOLO
+__attribute__ ((section (".flag"))) __attribute__ ((__used__)) 
+#endif
+    =  {
+      .major = SOLO_VERSION_MAJ,
+      .minor = SOLO_VERSION_MIN,
+      .patch = SOLO_VERSION_PATCH,
+      .reserved = 0
+    };
 
-const version_t firmware_version __attribute__ ((section (".flag"))) __attribute__ ((__used__)) =  {
-  .major = SOLO_VERSION_MAJ,
-  .minor = SOLO_VERSION_MIN,
-  .patch = SOLO_VERSION_PATCH,
-  .reserved = 0
-};
 
 // from tinycbor, for a quick static_assert
 #include <compilersupport_p.h>

targets/stm32l432/build/application.mk

@@ -84,4 +84,5 @@ cbor:
 	cd ../../tinycbor/ && make clean
 	cd ../../tinycbor/ && make CC="$(CC)" AR=$(AR) \
 LDFLAGS="$(LDFLAGS_LIB)" \
-CFLAGS="$(CFLAGS) -Os"
+CFLAGS="$(CFLAGS) -Os  -DCBOR_PARSER_MAX_RECURSIONS=3"
+

targets/stm32l432/src/device.c

@@ -577,7 +577,11 @@ uint32_t ctap_atomic_count(uint32_t amount)
         return lastc;
     }
 
-    lastc += amount;
+    if (amount > 256){
+        lastc = amount;
+    } else {
+        lastc += amount;
+    }
 
     if (lastc/256 > erases)
     {